
Re: Extreme decomposition questionable?

Dyke's comment is interesting, and the article he's
referring to really has made me ponder during this summer.

During August I have read Les Hatton's "Safer C"
(ISBN 0-07-707640-0), a book I guess most of you must have
read already.

- Or, perhaps, with the antagonism we all feel (felt?) to C,
maybe most haven't read it, because his big deal is that
it is not the inherent safety in the basic language that
counts, but how good it can be made.

This is I think, an "excuse" for writing in C, and he makes
his points very clear in the book. Standard C plus
lint, or better PC-lint or even better one of his tools, does
it, is his message. What if sequential C + tool is better
than sequential occam? Once we begin with PARs, I think we
still have a case, and this is what his paper really is about.

After this, I have now PC-linted the generated C code from SPOC,
and have a very interesting experience, indeed. I do see a few
points where occam could have been more aware.

Occam should perhaps have been beefed up with a few things,
so that we wouldn't need occ-lint. I compile my occam code with
D7305 and SPOC, and none of them are good "enough".

I think uninitialized variables, variables not used after having been
initialized once, and _maybe_ some distinguishing between signed
and unsigned would help. That's really quite little.

I have had some communications with Les Hatton in June, and he
said he'd be very interested in receiving occam failure data.
How did that code really go? I promised to give him some, but
we haven't had program errors, just algorithmic problems,
so we'll see.

He's mentioning UOfKent a few times in the book, by the way.

The book is very good, indeed.